From f831508297cd33051aff4925203b3e44b790d3ec Mon Sep 17 00:00:00 2001 From: Mimi Zohar Date: Fri, 14 Aug 2020 14:19:53 -0400 Subject: [PATCH] Install the swtpm package, if available The "boot_aggregate.test" requires either a hardware or software TPM. Support using the swtpm, if packaged for the distro, in addition to tpm_server. Note: Some travis/.sh scripts are links to other scripts. Don't fail the build of the linked script if the swtpm package doesn't exist. Signed-off-by: Mimi Zohar Reviewed-by: Petr Vorel Acked-by: Bruno Meneguele --- .travis.yml | 2 +- tests/boot_aggregate.test | 42 ++++++++++++++++++++++++++++----------- travis/fedora.sh | 1 + 3 files changed, 32 insertions(+), 13 deletions(-) diff --git a/.travis.yml b/.travis.yml index 849fcb6..9bea5d1 100644 --- a/.travis.yml +++ b/.travis.yml @@ -75,4 +75,4 @@ before_install: script: - INSTALL="${DISTRO%%:*}" - INSTALL="${INSTALL%%/*}" - - docker run -t ima-evm-utils /bin/sh -c "cd travis && if [ \"$VARIANT\" ]; then ARCH=\"$ARCH\" ./$INSTALL.$VARIANT.sh; fi && ARCH=\"$ARCH\" CC=\"$CC\" TSS=\"$TSS\" ./$INSTALL.sh && if [ ! \"$VARIANT\" ]; then which tpm_server || ../tests/install-swtpm.sh; fi && CC=\"$CC\" VARIANT=\"$VARIANT\" ../build.sh" + - docker run -t ima-evm-utils /bin/sh -c "cd travis && if [ \"$VARIANT\" ]; then ARCH=\"$ARCH\" ./$INSTALL.$VARIANT.sh; fi && ARCH=\"$ARCH\" CC=\"$CC\" TSS=\"$TSS\" ./$INSTALL.sh && if [ ! \"$VARIANT\" ]; then which tpm_server || which swtpm || ../tests/install-swtpm.sh; fi && CC=\"$CC\" VARIANT=\"$VARIANT\" ../build.sh" diff --git a/tests/boot_aggregate.test b/tests/boot_aggregate.test index 43de67d..1c7b1f2 100755 --- a/tests/boot_aggregate.test +++ b/tests/boot_aggregate.test 
@@ -33,11 +33,15 @@ else ASCII_RUNTIME_MEASUREMENTS="./sample-ascii_runtime_measurements-pcrs-8-9" export TPM_INTERFACE_TYPE="socsim" export TPM_COMMAND_PORT=2321 + export TPM_PLATFORM_PORT=2322 + export TPM_SERVER_NAME="localhost" + export TPM_SERVER_TYPE="raw" + fi # Only stop this test's software TPM. Preferred method: "tsstpmcmd -stop" cleanup() { - if [ ! -z "${SWTPM_PPID}" ]; then + if [ -n "${SWTPM_PPID}" ]; then if [ -f "${TSSDIR}/tsstpmcmd" ]; then "${TSSDIR}/tsstpmcmd" -stop else @@ -48,22 +52,36 @@ cleanup() { # Try to start a software TPM if needed. swtpm_start() { - local swtpm + local swtpm swtpm1 swtpm="$(which tpm_server)" - if [ -z "${swtpm}" ]; then - echo "${CYAN}SKIP: Softare TPM (tpm_server) not found${NORM}" + swtpm1="$(which swtpm)" + if [ -z "${swtpm}" ] && [ -z "${swtpm1}" ]; then + echo "${CYAN}SKIP: Softare TPM (tpm_server and swtpm) not found${NORM}" return "$SKIP" fi - pgrep tpm_server - if [ $? -eq 0 ]; then - echo "INFO: Software TPM (tpm_server) already running" - return 114 - else - echo "INFO: Starting software TPM: ${swtpm}" - ${swtpm} > /dev/null 2>&1 & - SWTPM_PPID=$! + if [ -n "${swtpm1}" ]; then + pgrep swtpm1 + if [ $? -eq 0 ]; then + echo "INFO: Software TPM (swtpm) already running" + return 114 + else + echo "INFO: Starting software TPM: ${swtpm1}" + mkdir ./myvtpm + ${swtpm1} socket --tpmstate dir=./myvtpm --tpm2 --ctrl type=tcp,port=2322 --server type=tcp,port=2321 --flags not-need-init > /dev/null 2>&1 & + SWTPM_PPID=$! + fi + elif [ -n "${swtpm}" ]; then + pgrep swtpm + if [ $? -eq 0 ]; then + echo "INFO: Software TPM (tpm_server) already running" + return 114 + else + echo "INFO: Starting software TPM: ${swtpm}" + ${swtpm} > /dev/null 2>&1 & + SWTPM_PPID=$! + fi fi return 0 } diff --git a/travis/fedora.sh b/travis/fedora.sh index 058e172..2d80915 100755 --- a/travis/fedora.sh +++ b/travis/fedora.sh @@ -41,3 +41,4 @@ yum -y install \ which yum -y install docbook5-style-xsl || true +yum -y install swtpm || true
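Review bot: `TPM_SERVER_TYPE="raw"` is exported for every software-TPM run in the first hunk, yet swtpm_start() in the next hunk still falls back to tpm_server when swtpm is not installed. If tpm_server expects the TSS default framing rather than raw packets (worth confirming against the TSS documentation), the fallback path will fail to talk to the TPM instead of running or skipping cleanly. Consider moving `export TPM_SERVER_TYPE="raw"` into the swtpm branch of swtpm_start(), with a comment such as `# swtpm takes raw TPM packets; tpm_server keeps the TSS default`. The if/else these exports sit in begins outside the hunk.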
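Review bot: Both already-running checks in swtpm_start() look for the wrong process name: the swtpm branch runs `pgrep swtpm1` (the variable name, which matches no process) and the tpm_server branch runs `pgrep swtpm` while its message reports tpm_server. They should be `pgrep swtpm` and `pgrep tpm_server` respectively. As written, a TPM already holding port 2321 can go undetected, the new instance's bind failure is hidden by `> /dev/null 2>&1 &`, SWTPM_PPID is still set, and cleanup() may then send `tsstpmcmd -stop` to a TPM this test did not start. Separately, `mkdir ./myvtpm` fails on a second run and nothing removes the directory; `mkdir -p`, or a `mktemp -d` directory deleted in cleanup(), would keep TPM state from carrying over between runs.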